Information right management systems enable information to be protected after it has been accessed by or delivered to an authorized individual. They typically use persisten usage policies which remain with information when that information is transferred.
For example, consider a sender who wishes to send an email message that contains confidential information to a group of selected recipients. Using an information rights management system enabled email application, such as those currently known, the sender is able to select a template to specify that recipients may read the email message but not copy, paste, edit or forward that message. When the recipients receive the email message they are able to view it using the email application. The email application enforces the permissions so that the recipients are unable to copy, paste, edit or forward the message. Existing information rights management systems also enable other policies to be used. For example, the sender might set a time limit after which the recipients are no longer able to view the email.
These types of restrictions can also be applied to intranet content and electronic documents using known information rights management systems. As such, existing information rights management systems can only be applied in limited situations. It would be desirable to have a unified framework that both manages objects that cross a security boundary and managing attributes of objects existing within a single, well-defined security boundary.